Hello Murilo,
why don't you use ldaps instead ?
Regards
Fabrice
Le 18-10-24 à 07 h 25, Murilo Calegari a écrit :
Hi, everyone,
Be aware of the dummy! The default_login_policy didn't have my Radius
Source as Source (duh), so PacketFence wasn't forwarding credentials
to my NPS. Later I had to active PAP as authentication type in NPS server.
I'm aware that PAP is a VERY weak protocol to transmit credentials
over some public network, can't PacketFence deal with some more
robust, encrypted, authentication method?
Hope you can answer me.
Best Regards,
Murilo Calegari de Souza
Estagiário da TI
Coordenadoria de Tecnologia da Informação
Instituto Federal do Espírito Santo – Campus Nova Venécia
27 3752 4311 ramal 43112
Em qua, 24 de out de 2018 às 08:12, Murilo Calegari
<[email protected]
<mailto:[email protected]>> escreveu:
Hi, Fabrice,
On the NPS Server, the network politics for PacketFence are now
configure so it accepts PEAP, EAP-MSCHAP v2 and it also has CHAP
checkbox activated, but login still won't work.
Today our NPS server provides authentication for WPAEnteprise
Wi-Fis, I've got it configure in the UniFi controller and also
some regular routers around the school.
Regards,
Murilo Calegari de Souza
Estagiário da TI
Coordenadoria de Tecnologia da Informação
Instituto Federal do Espírito Santo – Campus Nova Venécia
27 3752 4311 ramal 43112
Em ter, 23 de out de 2018 às 18:40, Durand fabrice via
PacketFence-users <[email protected]
<mailto:[email protected]>> escreveu:
Hello Murilo,
does your NPS server is configured to do chap ?
When you say the NPS provides RADIUS Authentication, what kind
of authentication ?
Regards
Fabrice
Le 18-10-23 à 11 h 02, Murilo Calegari via PacketFence-users a
écrit :
Hi,
We have in our school a NPS server that provides RADIUS
authentication. It works fine in other systems, but when
adding it in PacketFence it doesn't work as authentication
source.
On the NPS server,I have already created PacketFence server
as client and added its own rule. On PacketFence side, I
created a new RADIUS Internal Source and associated the
realms default, local and null — which are not pointing to
any AD Domain. I wasn't able to find a portal module to
RADIUS (I'm now assuming it is "login"); on login module,
after inserting credentials (without the @ part) "Invalid
login or password" is thrown and packetfence.log registers
the following:
Oct 23 11:58:58 prometeu packetfence_httpd.portal:
httpd.portal(43305) INFO: [mac:00:11:22:33:44:55] Found
authentication source(s) : 'local' for realm 'null'
(pf::config::util::filter_authentication_sources)
Oct 23 11:58:58 prometeu packetfence_httpd.portal:
httpd.portal(43305) INFO: [mac:00:11:22:33:44:55]
Authenticating user using sources : local
(captiveportal::PacketFence::DynamicRouting::Module::Authentication::Login::authenticate)
Maybe realm null is not properly pointing to the RADIUS source.
Hope someone can help me!
Best regards,
Murilo Calegari de Souza
Estagiário da TI
Coordenadoria de Tecnologia da Informação
Instituto Federal do Espírito Santo – Campus Nova Venécia
27 3752 4311 ramal 43112
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
